Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/323830333a363338303a3a2f33322d3438203d3e203130363137.roa
File:                     323830333a363338303a3a2f33322d3438203d3e203130363137.roa (raw, json)
Hash identifier:          aECHcp8NNsCT6wM7clyEPbmQF7XOdqLTzWQ2MQSIzJE=
Subject key identifier:   33:F5:A9:8C:8C:4A:45:E3:04:11:70:22:F7:81:F4:62:BF:3B:7B:1B
Certificate issuer:       /CN=16D6DAFBF5511C53569330FFFD2E9E564974D14D
Certificate serial:       481A5244B982AE08C7148343861DF2E25F072498
Authority key identifier: 16:D6:DA:FB:F5:51:1C:53:56:93:30:FF:FD:2E:9E:56:49:74:D1:4D
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/323830333a363338303a3a2f33322d3438203d3e203130363137.roa
Signing time:             Tue 04 Feb 2025 18:48:45 +0000
ROA not before:           Tue 04 Feb 2025 18:43:45 +0000
ROA not after:            Tue 03 Feb 2026 18:48:45 +0000
asID:                     10617
IP address blocks:        2803:6380::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.crl
                          rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Feb 2025 17:38:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:1a:52:44:b9:82:ae:08:c7:14:83:43:86:1d:f2:e2:5f:07:24:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16D6DAFBF5511C53569330FFFD2E9E564974D14D
        Validity
            Not Before: Feb  4 18:43:45 2025 GMT
            Not After : Feb  3 18:48:45 2026 GMT
        Subject: CN=33F5A98C8C4A45E304117022F781F462BF3B7B1B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:ff:90:ee:1d:7d:07:48:4b:ea:5a:30:01:b2:
                    61:a1:52:4d:b8:c7:66:51:51:fa:57:1b:cf:38:fb:
                    90:73:20:df:b0:60:04:d5:a7:f3:c4:fb:43:f3:7f:
                    ff:13:44:14:bb:5e:de:16:1b:da:61:28:8e:2d:54:
                    27:3d:07:01:1c:5a:cc:6c:a2:60:0a:84:f4:36:ed:
                    68:94:e3:0d:da:4c:af:66:57:0f:a5:ae:64:8b:f1:
                    77:35:3e:a4:06:d7:61:0d:5d:b7:ff:c4:d2:61:d8:
                    e3:ef:7b:ad:20:a1:ee:cf:54:33:08:2c:cf:81:c8:
                    da:8b:e0:9e:95:93:de:54:bc:a4:0a:5a:29:45:38:
                    a8:c8:ca:45:1a:b1:4d:ff:1e:9e:e8:12:58:54:72:
                    16:2b:e4:57:7c:23:45:04:a4:6a:32:cd:58:42:3d:
                    61:5b:48:fc:7a:af:46:d9:f1:43:86:0b:ea:ca:d8:
                    00:53:f0:e1:d3:d9:81:eb:a6:41:61:8d:6b:b9:92:
                    1e:ff:7f:8b:7b:45:38:8a:33:f8:5c:b9:8e:e1:53:
                    d7:82:63:7f:1e:5b:04:ce:c2:2b:76:ff:b6:99:2b:
                    ef:68:ff:b3:d1:fc:c2:c5:fb:93:71:14:56:7c:47:
                    c8:db:31:20:e0:68:17:34:47:a1:d6:d5:43:2b:e5:
                    29:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:F5:A9:8C:8C:4A:45:E3:04:11:70:22:F7:81:F4:62:BF:3B:7B:1B
            X509v3 Authority Key Identifier:
                keyid:16:D6:DA:FB:F5:51:1C:53:56:93:30:FF:FD:2E:9E:56:49:74:D1:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/16D6DAFBF5511C53569330FFFD2E9E564974D14D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/76A483C840B59D5A386CC35FE891774F07C940C2A473A0C808FF79E9D673AC01/0/323830333a363338303a3a2f33322d3438203d3e203130363137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2803:6380::/32

    Signature Algorithm: sha256WithRSAEncryption
         c9:ef:77:a4:46:f1:d6:aa:f8:76:d9:a7:0a:b3:3f:f1:62:93:
         9d:0b:6e:82:10:6c:48:8d:c5:41:73:d0:17:2c:c4:ff:37:d9:
         34:3f:28:31:e8:a0:7f:6f:c4:f4:0b:c1:d3:65:00:4d:bd:c9:
         18:54:f7:a1:b4:4a:42:dd:1c:a1:89:35:9b:28:f2:ec:13:9f:
         b5:90:cb:9f:06:8d:a1:33:81:f6:d8:66:8d:78:f8:d7:6e:8a:
         11:af:a0:fd:c2:f4:6a:78:e2:64:21:71:c4:c2:d3:90:e3:72:
         e0:1b:67:57:61:d7:0d:e0:ab:16:71:4f:d8:07:05:98:f6:25:
         7f:a2:05:1e:63:00:e7:d2:c4:13:4e:48:be:21:7c:59:1b:99:
         ce:40:3c:90:96:90:88:4d:b5:27:c0:34:27:56:9f:2f:cd:fb:
         2e:fb:a0:9f:08:33:15:ee:1d:79:a7:b3:34:21:24:23:41:c3:
         10:e3:dd:f4:f3:1e:ba:8d:7c:e0:ad:c5:fc:4b:64:88:29:aa:
         c7:34:64:a0:7c:5f:08:69:30:69:b3:79:f2:00:9c:02:14:ce:
         7b:23:ce:0f:60:05:7c:f5:ad:fb:ae:b8:53:b4:9c:3b:dd:c0:
         8e:2a:e5:83:96:c0:7f:2f:15:8b:e4:2a:13:b6:46:a7:0f:05:
         b9:22:4a:3b
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIUSBpSRLmCrgjHFINDhh3y4l8HJJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTZENkRBRkJGNTUxMUM1MzU2OTMzMEZGRkQyRTlFNTY0
OTc0RDE0RDAeFw0yNTAyMDQxODQzNDVaFw0yNjAyMDMxODQ4NDVaMDMxMTAvBgNV
BAMTKDMzRjVBOThDOEM0QTQ1RTMwNDExNzAyMkY3ODFGNDYyQkYzQjdCMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4/5DuHX0HSEvqWjABsmGhUk24
x2ZRUfpXG884+5BzIN+wYATVp/PE+0Pzf/8TRBS7Xt4WG9phKI4tVCc9BwEcWsxs
omAKhPQ27WiU4w3aTK9mVw+lrmSL8Xc1PqQG12ENXbf/xNJh2OPve60goe7PVDMI
LM+ByNqL4J6Vk95UvKQKWilFOKjIykUasU3/Hp7oElhUchYr5Fd8I0UEpGoyzVhC
PWFbSPx6r0bZ8UOGC+rK2ABT8OHT2YHrpkFhjWu5kh7/f4t7RTiKM/hcuY7hU9eC
Y38eWwTOwit2/7aZK+9o/7PR/MLF+5NxFFZ8R8jbMSDgaBc0R6HW1UMr5Sk/AgMB
AAGjggLHMIICwzAdBgNVHQ4EFgQUM/WpjIxKReMEEXAi94H0Yr87exswHwYDVR0j
BBgwFoAUFtba+/VRHFNWkzD//S6eVkl00U0wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83NkE0ODNDODQwQjU5RDVBMzg2Q0MzNUZFODkxNzc0RjA3
Qzk0MEMyQTQ3M0EwQzgwOEZGNzlFOUQ2NzNBQzAxLzAvMTZENkRBRkJGNTUxMUM1
MzU2OTMzMEZGRkQyRTlFNTY0OTc0RDE0RC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xNkQ2REFGQkY1NTExQzUzNTY5
MzMwRkZGRDJFOUU1NjQ5NzREMTRELmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzZBNDgzQzg0MEI1OUQ1QTM4NkNDMzVGRTg5MTc3NEYwN0M5NDBDMkE0
NzNBMEM4MDhGRjc5RTlENjczQUMwMS8wLzMyMzgzMDMzM2EzNjMzMzgzMDNhM2Ey
ZjMzMzIyZDM0MzgyMDNkM2UyMDMxMzAzNjMxMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAoA2OAMA0G
CSqGSIb3DQEBCwUAA4IBAQDJ73ekRvHWqvh22acKsz/xYpOdC26CEGxIjcVBc9AX
LMT/N9k0Pygx6KB/b8T0C8HTZQBNvckYVPehtEpC3RyhiTWbKPLsE5+1kMufBo2h
M4H22GaNePjXbooRr6D9wvRqeOJkIXHEwtOQ43LgG2dXYdcN4KsWcU/YBwWY9iV/
ogUeYwDn0sQTTki+IXxZG5nOQDyQlpCITbUnwDQnVp8vzfsu+6CfCDMV7h15p7M0
ISQjQcMQ49308x66jXzgrcX8S2SIKarHNGSgfF8IaTBps3nyAJwCFM57I84PYAV8
9a37rrhTtJw73cCOKuWDlsB/LxWL5CoTtkanDwW5Iko7
-----END CERTIFICATE-----
Generated at Thu Feb 13 18:18:29 2025 by rpki-client